If you have installed MySQL version 8.0 or later and tried to establish a connection to its database, you might run into this error:

Authentication plugin 'caching_sha2_password' cannot be loaded: dlopen(/usr/local/mysql/lib/plugin/caching_sha2_password.so, 2): image not found

What is caching_sha2_password Authentication Plugin?

caching_sha2_password is MySQL’s latest authentication plugin which brings some major advancements to the connection encryption, compared to the other authentication mechanisms. The first is, an in-memory cache for faster authentication. Next is a RSA-based password exchange that is independent of the SSL library against which MySQL is linked. And finally, it supports Unix socket-files and shared-memory protocols.

You can read more about its features here.

Why I can’t connect to MySQL 8.0?

The reason for this is while MySQL 8.0 uses caching_sha2_password as the default authentication plugin, your MySQL client hasn’t been compatible with it yet. It uses the older versions of libmysqlclient which do not support this caching_sha2_password plugin. Thus it failed to connect.

For example, Sequel Pro users have been experiencing this due to the fact that Sequel Pro hasn’t supported MySQL 8 (issue #2699) and the caching_sha2_password plugin is missing (issue 3037).

Note from the Sequel Pro team on Jun 20:

Side note: Support for caching_sha2_password will probably not happen anytime soon.
Sequel Pro currently uses the 5.5 MySQL client library and this plugin is only included with the most recent 8.0 library.
Since there may be internal changes between those versions and we made some customizations ourselves, we have to go 5.5 -> 5.6 -> 5.7 -> 8.0 and check compatibility at each step.
But not even the switch to 5.6 is scheduled for the next release.

Well, that sucks!

Guess I'll wait

Until now, there are a couple solutions for this:

1. Change to legacy password for MySQL Server:
  • Go to System Preferences -> MySQL
  • From Instance tab, choose Initialize Database
  • Choose Use legacy Password Encryption
  • Restart the Server

Use legacy password encryption

Now you might be able to connect to the database again.

2. Use mysql_native_password

You can use the ALTER command to change the encryption of the password to mysql_native_password instead of the latest authentication plugin caching_sha2_password

ALTER USER 'username'@'localhost' IDENTIFIED WITH mysql_native_password BY 'password';
3. Roll back to the earlier version of MySQL

Back to MySQL 5.7 for example:

brew uninstall mysql
brew install [email protected]
brew link [email protected] --force

But those are just temporary solutions. It’s not recommended if you want to use the latest encryption method.

4. Use another GUI Client which supports MySQL 8
  1. Download TablePlus here or update the TablePlus app to the latest version.
  2. Connect to any version of MySQL, even it requires two-step authentication.
  3. Enjoy coding!

TablePlus is a modern, native client with intuitive GUI tools to create, access, query & edit multiple relational databases: MySQL, PostgreSQL, SQLite, Microsoft SQL Server, Amazon Redshift, MariaDB, CockroachDB, Vertica, Cassandra, Oracle, and Redis.

It’s native, beautiful, and available for free.

Use legacy password encryption